Authenticating gaming machine content

ABSTRACT

A gaming machine may include a memory area including at least one bootup memory device, and at least one data storage device including at least one operating system and a plurality of gaming packages. The gaming machine also may include a display device configured to display at least one game selected from the plurality of gaming packages to a player, and a processor coupled to the memory area and to the display device. The processor may be configured to authenticate the at least one bootup memory device, and authenticate the at least one operating system. The processor may also be configured to determine an authentication sequence for the plurality of gaming packages, and authenticate the plurality of gaming packages in a sequence different from the determined authentication sequence.

BACKGROUND

The embodiments described herein relate generally to electronic gaming machines and, more particularly, to systems and methods for use in authenticating gaming machine content.

At least some gaming machines include gaming packages that include a plurality of files used to present one or more games to a player. Each gaming package typically contains the files associated with a specific game. A processor displays aspects of the game to the player using graphic files and may also cause one or more sounds to be generated from sound files stored within the gaming package. The processor also uses data files within a memory area of the gaming machine to account for or to record bonus awards, credits or payments paid by the player, the player's play history, and/or other aspects of the game.

To prevent unauthorized modification of the game files, at least some gaming machines may execute a verification process on the gaming packages. For example, at least some gaming machines may store a file signature or other verification data for each gaming package, and may use the stored verification data to determine if the files have changed during a boot process of the gaming machine and/or after the gaming package has been downloaded into the gaming machine. Such a verification process may be time-consuming for gaming machines that have a large number of gaming packages.

BRIEF DESCRIPTION

In one aspect, a gaming machine may include a memory area including at least one bootup memory device, and at least one data storage device including at least one operating system and a plurality of gaming packages. The gaming machine also may include a display device configured that may display at least one game selected from the plurality of gaming packages to a player, and a processor coupled to the memory area and to the display device. The processor may authenticate the at least one bootup memory device, and may authenticate the at least one operating system. The processor may also be configured to determine an authentication sequence for the plurality of gaming packages, and authenticate the plurality of gaming packages in a sequence different from the determined authentication sequence.

In another aspect, a method of authenticating gaming machine content may include authenticating at least one bootup memory device of the gaming machine, may authenticate at least one operating system of the gaming machine, may receive at least one of a local user input to the gaming machine and an input to the gaming machine from a remote device, and may authenticate a plurality of gaming packages after receiving the at least one of a local user input and an input from a remote device.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a block schematic diagram of an exemplary gaming machine;

FIG. 2 is a block schematic diagram of an exemplary gaming system that includes a plurality of the gaming machines shown in FIG. 1;

FIG. 3 is a block functional diagram of an exemplary authentication system that may be used with the gaming machine shown in FIG. 1;

FIG. 4 is a block functional diagram of an exemplary data storage device of the gaming machine shown in FIG. 1; and

FIG. 5 is a flowchart illustrating an exemplary method that may be used for authenticating the gaming machine shown in FIG. 1.

DETAILED DESCRIPTION

Exemplary embodiments of apparatus, methods, and computer-readable storage media having computer-executable components for use in authenticating gaming machine content, such as gaming packages, operating systems, and initialization software of bootup devices, are described herein. The embodiments described herein may enhance the security of gaming machines and may be implemented to determine whether gaming packages and/or operating systems installed within gaming machines may be authenticated or should be trusted. Moreover, the embodiments described herein may enable gaming machines to be accessible to users while gaming packages may be authenticated.

As used herein, an element or step recited in the singular and proceeded with the word “a” or “an” should be understood as not excluding plural elements or steps, unless such exclusion is explicitly recited. Furthermore, references to “one embodiment” of the present disclosure are not intended to be interpreted as excluding the existence of additional embodiments that also incorporate the recited features.

FIG. 1 is a block schematic diagram of an exemplary gaming machine 100. In the exemplary embodiment, gaming machine 100 may include a gaming machine controller 102 including at least one processor 104, such as a microprocessor, a microcontroller-based platform, a suitable integrated circuit or one or more application-specific integrated circuits “ASICs.” Processor 104 is coupled with, or operable to access or to exchange signals with, at least one data storage or memory area 106. In one embodiment, processor 104 and memory area 106 reside within a cabinet (not shown in FIG. 1) of gaming machine 100. Processor 104 and memory area 106 may be collectively referred to herein as a “computer” or “controller.”

Memory area 106 may store program code and instructions, executable by processor 104, to control gaming machine 100. Memory area 106 may also store other data such as image data, event data, player input data, random or pseudo-random number generators, pay-table data or information and applicable game rules that relate to the play of gaming machine 100. Memory area 106 may include one, or more than one, forms of memory. For example, memory area 106 may include random access memory “RAM,” which may include non-volatile RAM “NVRAM,” magnetic RAM “MRAM,” ferroelectric RAM “FeRAM,” and other forms of memory. Memory area 106 may also include read only memory “ROM,” flash memory and/or Electrically Erasable Programmable Read Only Memory “EEPROM.” Any other suitable magnetic, optical and/or semiconductor memory, by itself or in combination with other forms of memory, may be included in memory area 106. Memory area 106 may also be, or include, a detachable or removable memory, including, but not limited to, a suitable cartridge, disk, hard disk drive, solid state drive, CD ROM, DVD or USB memory. A player may use such removable memory in a desktop, a laptop personal computer, a personal digital assistant “PDA” or other computerized platform.

In one embodiment, gaming machine 100 may randomly generate awards and/or other game outcomes based on a pay table. That is, each award or other game outcome may be associated with a pay table entry and gaming machine 100 may generate the award or other game outcome to be provided to the player based on whether symbols or play results match pay table entries. In this embodiment, because gaming machine 100 may generate outcomes randomly, there may be no certainty that gaming machine 100 may ever provide the player with any specific award or other game outcome. Such random determination could be provided through utilization of a random number generator “RNG”, such as a true random number generator, a pseudo random number generator or other suitable randomization process.

In another embodiment, gaming machine 100 may use a predetermined or finite set or pool of awards or other game outcomes. In this embodiment, as each award or other game outcome is provided to the player, gaming machine 100 may remove the provided award or other game outcome from the predetermined set or pool. Once removed from the set or pool, the specific provided award or other game outcome may not be provided to the player again. This type of gaming device may provide players with all of the available awards or other game outcomes over the course of the play cycle and may guarantee the amount of actual wins and losses.

In yet another embodiment, after a player initiates game play at gaming machine 100, gaming machine 100 may enroll in a bingo game. In this embodiment, a bingo server may call the bingo balls that result in a specific game outcome. The resultant game outcome may be communicated to the individual gaming machine 100 to be provided to a player.

Referring still to FIG. 1, gaming machine 100 may include one or more display devices 108 and 110 that may be controlled by controller 102. Display devices 108 and 110 may be mounted to the cabinet of gaming machine 100. Gaming machine 100 may include a central display device 108 that may display a primary game. Display device 108 may also display any secondary game associated with the primary game as well as information relating to the primary or secondary game. Display device 110 may, for example, be an upper display device 110. Upper display device 110 may display the primary game, any suitable secondary game associated with the primary game, and/or any information relating to the primary or secondary game. At least one display device 108 and 110 may be a mobile display device, such as a smart phone, PDA, or tablet PC that enables play of at least a portion of the primary or secondary game at a location remote from other components of gaming machine 100.

In the exemplary embodiment, gaming machine 100 may include a credit display 112 that may display a player's current number of credits, cash, account balance, or the equivalent. Gaming machine 100 also may include a bet display 114 that may display an amount wagered by the player. Credit display 112 and bet display 114 may be standalone displays that are independent of display devices 108 and 110, or credit display 112 and/or bet display 114 may be incorporated into display devices 108 and/or 110.

Display devices 108 and/or 110 may include, without limitation, a monitor, a television display, a plasma display, a liquid crystal display “LCD,” a display based on light emitting diodes “LED,” a display based on a plurality of organic light-emitting diodes “OLEDs,” a display based on polymer light-emitting diodes “PLEDs,” a display based on a plurality of surface-conduction electron-emitters “SEDs,” a display including a projected and/or reflected image or any other suitable electronic device or display mechanism. In one embodiment, as described in more detail below, display devices 108 and/or 110 may include a touch-screen 116 with an associated touch-screen controller 118. Display devices 108 and/or 110 may be of any suitable configuration, such as a square, a rectangle or an elongated rectangle. Touch-screen 116 may be coupled with touch-screen controller 118, or some other touch-sensitive display overlay that may enable player interaction with the images on display devices 108 and/or 110.

Display devices 108 and/or 110 may display one or more game or other suitable images, symbols and/or indicia, such as any visual representation or exhibition of the movement of objects such as mechanical, virtual or video reels and wheels, dynamic lighting, video images, images of people, characters, places, things, and faces of cards, tournament advertisements, and/or the like.

In one alternative embodiment, the symbols, images and indicia displayed on or of display device 108 and/or 110 may be in a mechanical form. That is, display device 108 and/or 110 may include any electromechanical device, such as one or more mechanical objects, such as one or more rotatable wheels, reels or dice, that may display at least one and preferably a plurality of game or other suitable images, symbols or indicia with an electronic display overlay.

In the exemplary embodiment, gaming machine 100 may include at least one payment acceptor 120 that may be in communication with controller 102. Payment acceptor 120 may include a coin slot 122 and a payment, note or bill acceptor 124, wherein the player inserts money, coins, or tokens. For example, the player may insert coins in coin slot 122 or paper money, tickets, or a voucher into acceptor 124. Devices such as a card reader or validator 126 for credit cards, debit cards or credit slips may also be used to accept payment. An identification card, mobile phone, and/or a smart card including a programmed microchip or a magnetic strip coded with a player's identification, credit totals and other relevant information may be used. In one embodiment, money may be transferred to a gaming machine through electronic funds transfer “EFT.” When a player funds gaming machine 100, controller 102 may determine the amount of funds entered and displays the corresponding amount on credit display 112 as described above.

Gaming machine 100 may also include one or more input devices 128 that may be communicatively coupled to controller 102. Input devices 128 may include any suitable device that may enable the player to provide an input signal that may be readable by controller 102. In one embodiment, input device 128 may be a game activation device, such as a pull arm or a play button that may be used by the player to initiate any primary game or sequence of events in gaming machine 100. The play button can be any suitable play activator. In one embodiment, upon appropriate funding, gaming machine 100 may begin the game play automatically. In another embodiment, after the player engages one of the play buttons, gaming machine 100 may automatically activate game play.

One input device 128 may be a “Bet One” button. In such an embodiment, the player may enter a bet by pushing the Bet One button. The player can increase the amount bet by one credit each time the player pushes the Bet One button. When the player pushes the Bet One button, the number of credits shown in credit display 112 decrements by one, and the number of credits shown in bet display 114 increments by one. Another input device may be a “Bet Max” button that may enable the player to bet the maximum wager permitted for a game of gaming machine 100.

Yet another input device 128 may be a “Cash Out” button. The player may push the Cash Out button to receive a cash payment or other suitable form of payment corresponding to the number of remaining credits. When the player cashes out, the player may receive the coins or tokens in a coin payout tray (not shown in FIG. 1) or other payout mechanisms, such as tickets or credit slips, redeemable by a cashier, or funding to the player's electronically recordable identification card.

Touch-screen 116 and touch-screen controller 118 may be communicatively coupled to a video controller 130. A player can make decisions and input signals into gaming machine 100 by touching touch-screen 116 at appropriate places. Gaming machine 100 may also include one or more communication ports 132 that may enable communication of controller 102 with external peripherals (not shown in FIG. 1), such as, but not limited to, external video sources, expansion buses, game or other displays, a SAS device, a SATA device, or a key pad.

In the exemplary embodiment, gaming machine 100 may include a sound generating device 134 that may be controlled by one or more sounds cards 136 that may function in conjunction with controller 102. Sound generating device 134 may include at least one speaker or other sound generating hardware and/or software for generating sounds, such as playing music for the primary and/or secondary game or for other modes of gaming machine 100, such as an attract mode. Gaming machine 100 may provide dynamic sounds coupled with attractive multimedia images displayed on one or more of display devices 108 and/or 110 to provide an audio-visual representation or to otherwise display full-motion video with sound that may attract players to gaming machine 100. During idle periods, gaming machine 100 may display a sequence of audio and/or visual attraction messages that may attract potential players to gaming machine 100. The videos may also be customized for or to provide any appropriate information.

In the exemplary embodiment, gaming machine 100 may include a sensor 138, such as a camera coupled to and/or controlled by controller 102. Sensor 138 may be selectively positionable to acquire an image of a player actively playing gaming machine 100 and/or an area adjacent to gaming machine 100. In one embodiment, the camera may selectively acquire still or moving (e.g., video) images and may acquire the images in either an analog, digital or other suitable format. Display devices 108 and/or 110 may display the image acquired by the camera, as well as may display the visible manifestation of the game in split screen or picture-in-picture fashion. For example, the camera may acquire an image of the player and the processor may incorporate that image into the primary and/or secondary game as a game image, symbol or indicia. Furthermore, gaming machine 100 may be capable of communicatively coupling to a network (not shown in FIG. 1) via a network interface 140.

Gaming machine 100 may incorporate any suitable wagering primary or base game. Gaming machine 100 may include some or all of the features of conventional gaming machines or devices. The primary or base game may comprise any suitable reel-type game, card game, number game or other game of chance susceptible to representation in an electronic or electromechanical form that produces a random outcome based on probability data upon activation from a wager. That is, different primary wagering games, such as video poker games, video blackjack games, video Keno, video bingo or any other suitable primary or base game may be implemented.

In some embodiments, memory area 106 may include one or more computer-readable storage media having computer-executable instructions. Exemplary computer-readable storage media may include a first bootup memory device 142 and a second bootup memory device 144 that facilitates authenticating an initial bootup process of gaming machine 100. Another exemplary computer-readable storage media may be a data storage device 146 that may facilitate authenticating a final bootup process of gaming machine 100, as described in greater detail below.

FIG. 2 is a block schematic diagram of an exemplary gaming system 200 that may include a plurality of gaming machines 100. Each gaming machine 100 may be coupled via a network connection 140 to one or more servers, such as a game server 202, to an accounting server 204, and to a player tracking server 206. Each server 202, 204, and 206 may include a processor (not shown) that may enable data communication between each gaming machine 100 and other components of gaming system 200. Such data may be stored in, for example, a database 208 coupled to each server 202, 204, and 206. Moreover, each server 202, 204, and 206 also may include audio capabilities, such as a CD-ROM drive (not shown) or DVD-ROM drive (not shown), that may be coupled to a sound card (not shown) for processing and transmitting digitized sound effects to one or more speakers 210 in response to commands issued to gaming system 200 by a corresponding server 202, 204, and/or 206. Each server 202, 204, and 206 may also be coupled via gaming system 200 to an electronic sign or screen 212 that may display information, such as via scrolling and/or flashing messages that may indicate, for example, progressive and/or jackpot amounts, and that may be visible to players playing gaming machines 100. Display messages on each electronic screen 212 may be generated and/or modified in response to commands issued over gaming system 200 by servers 202, 204, and/or 206.

As described above, gaming machines 100 may include video poker machines, video slot machines, and/or other similar gaming machines that may implement alternative games. Moreover, gaming machines 100 may be terminal-based machines, wherein the actual games, including random number generation and/or outcome determination, may be performed at a server, such as servers 202, 204, and/or 206. In such an embodiment, gaming machine 100 may display results of the game via displays devices 108 and/or 110 (shown in FIG. 1).

Moreover, in the exemplary embodiment, gaming system 200 may include a configuration workstation 214 that may include a user interface that may enable an administrator to set up and/or to modify portions of gaming system 200 and/or servers 202, 204, and 206. Player tracking server 206 may track data of players using gaming machines 100, and also may control messages that may appear on each display device 108 and/or 110 of gaming machines 100. In the exemplary embodiment, player tracking server 206 also may store physical characteristics of players, such as, but not limited to, the player age and/or vision data. Game server 202 may control bonus applications or bonus systems that may award bonus opportunities on gaming system 200. Moreover, game server 202 may include a set of rules for awarding jackpots in excess of those established by winning pay tables (not shown) of each gaming machine 100. Some bonus awards may be awarded randomly, while other bonus awards may be made to groups of gaming machines 100 operating in a progressive jackpot mode. Player tracking server 206 may store data related to the players and tracked using player tracking identification, such as a player card. Moreover, player tracking server 206 may store information and data about the player such as loyalty points, player address, phone number, and/or any information that may be retrieved and transmitted to the game server 202. Accounting server 204 may store and track information such as, but not limited to, the average amount of wager played by the player, and/or any funds the player may have in an account.

Furthermore, in the exemplary embodiment, gaming system 200 may include one or more remote computers 216 and/or mobile devices 218 that may access gaming system 200 via an external network, such as the Internet 220.

FIG. 3 is a block functional diagram of an exemplary authentication system 300 that may be used with gaming machine 100 (shown in FIG. 1). In the exemplary embodiment, authentication system 300 may include a physical security device 302, first bootup memory device 142, second bootup memory device 144, data storage device 146, and processor 104. Alternatively, second bootup memory device 144 may be omitted and the functionality of second bootup memory device 144 may be incorporated within first bootup memory device 142. In the exemplary embodiment, processor 104 may be coupled to each of physical security device 302, first bootup memory device 142, second bootup memory device 144, and data storage device 146. FIG. 4 is a block functional diagram of data storage device 146.

In the exemplary embodiment, physical security device 302 may be a sensor or another device that may determine if a physical security of gaming machine 100 may have been compromised. For example, physical security device 302 may be a sensor that detects if the cabinet of gaming machine 100 may have been opened. Alternatively, physical security device 302 may be any other device that may enable gaming machine 100 to function as described herein. In the exemplary embodiment, physical security device 302 may transmit a signal to processor 104 indicative of the physical security of gaming machine 100. For example, physical security device 302 may transmit a signal indicating that gaming machine 100 may have passed the physical security check and may be ready to boot, or may transmit a signal indicating that gaming machine 100 may have failed the physical security check and should not be booted.

In the exemplary embodiment, first bootup memory device 142 and second bootup memory device 144 may be, or may include, EEPROMs. Alternatively, first and second bootup memory devices 142 and 144 may be, or may include, any other type of ROM and/or memory that may enable gaming machine 100 to function as described herein. In the exemplary embodiment, first bootup memory device 142 may be positioned on a system motherboard (not shown) or a control board of gaming machine 100 and may include a plurality of computer-executable instructions that may form a basic input/output system “BIOS” for gaming machine 100. Moreover, in the exemplary embodiment, second bootup memory device 144 may be positioned in an add-in card (not shown) coupled to the motherboard, such as a peripheral component interconnect “PCI” card. Second bootup memory device 144 may include a plurality of computer-executable instructions that may form a BIOS extension for gaming machine 100. Alternatively, first bootup memory device 142 and/or second bootup memory device 144 may be positioned or embodied within any other component of gaming machine 100.

Referring to FIG. 4, data storage device 146, in the exemplary embodiment may be or may include, a hard disk drive. Alternatively, data storage device 146 may be or may include a solid state drive “SSD” and/or any other data storage device that may enable gaming machine 100 to function as described herein. In the exemplary embodiment, data storage device 146 may include a plurality of operation systems 400, such as a primary operation system 402 and a gaming operating system 404. Data storage device 146 may also include a plurality of gaming packages 406, a plurality of certificate files 408 associated with gaming packages 406, and a database 410.

Primary operating system 402 may configure peripheral devices and components of gaming machine 100, and may execute a plurality of applications and services that may establish user interfaces and input mechanisms for a player. In the exemplary embodiment, primary operating system 402 may include an authentication application or module 412 that may facilitate authenticating gaming packages 406, as described more fully herein. Gaming operating system 404 may configure devices and/or applications associated with gaming packages 406 and may operate as a software interface between gaming packages 406, primary operating system 402, and one or more devices of gaming machine 100.

Database 410 may store, for example and without limitation, a list of gaming packages 406 within data storage device 146 and a list of gaming packages 406 that may have been authenticated. In one embodiment, gaming packages 406 may be arranged or ordered within the list according to a predetermined sequence of authentication. In the exemplary embodiment, each gaming package 406 may include one or more files that may present or display a game to a player (e.g., via display device 108 and/or 110 (shown in FIG. 1) when selected and executed by processor 104. The files may include, for example and not by way of limitation, attraction graphic and sound files, primary game graphic and sound files, bonus game graphic and sound files, one or more paytables, celebration graphic and sound files, and/or graphic files representative of player interaction buttons. In addition, each gaming package 406 may include objects associated with a game, such as a credit meter, a current wager meter, and a win meter.

A certificate file 408, in the exemplary embodiment, may be associated with each gaming package 406 and may be used by processor 104 to authenticate the contents of the associated gaming package 406. In the exemplary embodiment, each certificate file 408 may include a file header 414, a file data section 416, and a file signature 418. File header 414 may identify the composition or configuration of certificate file 408. File data section 416 may include a list of files authenticated by certificate file 408 and may include a value (hereinafter referred to as a “hash value”) resulting from performing a cryptographic hash function on the contents of the listed files. In the exemplary embodiment, the list of files within file data section 416 may include each file within an associated gaming package 406, and the hash value may be obtained by performing a hash function on the entire gaming package 406 (i.e., upon each file within package 406). Moreover, in the exemplary embodiment, file signature 418 may be an encrypted hash value of certificate file 408. More specifically, file signature 418 may include a hash value of the contents of certificate file 408 (e.g., file header 414 and file data section 416) that may be encrypted using a private key of a public key infrastructure “PKI” encryption algorithm.

During operation, when gaming machine 100 is powered on or completes a reset operation, processor 104 may initiate a boot sequence (or “bootup”) of gaming machine 100. Physical security device 302 may determine whether gaming machine 100 passes a physical security check and may generate a signal representative of the determination. If processor 104 receives a signal indicating that gaming machine 100 may have failed the physical security check, processor 104 may stop or prohibit the bootup of gaming machine 100, and may generate or transmit an alarm to an administrator or to a device. However, if processor 104 receives a signal indicating that gaming machine 100 may have passed the physical security check, processor 104 may initiate or resume the bootup of gaming machine 100.

In the exemplary embodiment, after the gaming machine 100 has passed the physical security check, execution control may be passed to first bootup memory device 142 that may initiate or resume the bootup process. More specifically, processor 104 may retrieve and may execute initial bootup instructions from first bootup memory device 142. In one embodiment, processor 104 may authenticate the instructions and/or data within first bootup memory device 142 before or during the execution of the instructions. Moreover, in the exemplary embodiment, processor 104 may authenticate second bootup memory device 144 (i.e., the instructions and/or data within second bootup memory device 144).

After processor 104 may have completed executing instructions within first bootup memory device 142 and may have authenticated second bootup memory device 144, execution control may be passed to second bootup memory device 144 to continue the bootup process of gaming machine 100. More specifically, in the exemplary embodiment, processor 104 may retrieve and may execute instructions from second bootup memory device 144. Moreover, processor 104 may authenticate at least a portion of data storage device 146 (i.e., the instructions and/or data within a portion of data storage device 146), such as the instructions and/or data that may be required to boot or execute primary operating system 402 that may be stored within data storage device 146.

Primary operating system 402, in the exemplary embodiment, may execute authentication module 412 to authenticate gaming operating system 404 and gaming packages 406. Authentication module 412 may execute gaming operating system 404 once system 404 has been authenticated. Moreover, authentication module 412 may authenticate gaming packages 406 while gaming operating system 404 may execute (e.g., in the background and/or in parallel with gaming operating system 404). In the exemplary embodiment, gaming operating system 404 may enable and/or may receive local player input (and/or input from a remote device) and/or interaction with gaming machine 100 while gaming packages 406 may be authenticated. More specifically, input from a player or a remote device may be received and may be acted upon concurrently with the authentication of gaming packages 406. If input from the player or remote device is not received, authentication module 412 may authenticate gaming packages 406 according to a default, or predetermined sequence. In one embodiment, the default authentication sequence may be downloaded to gaming machine 100 by a remote server or another device such that gaming packages 406 may be authenticated according to the downloaded sequence upon the next bootup of gaming machine 100.

Moreover, in the exemplary embodiment, authentication module 412 may authenticate gaming packages 406 in a selectable, adjustable, and/or dynamic sequence such that authentication module 412 may depart from the default authentication sequence to authenticate gaming packages 406 in a sequence different from the default sequence. In one embodiment, gaming packages 406 may be authenticated in order of popularity. Accordingly, the most popular game may be authenticated first, the second-most popular game may be authenticated next, and the like. In one embodiment, gaming operating system 404 may receive data from a remote device or server, such as player tracking server 206 (shown in FIG. 2), or from memory area 106, indicative of a player's game or play history and may rank or may order gaming packages 406 in order of the popularity of gaming packages 406 with respect to the player. Alternatively, gaming operating system 404 may receive data indicative of the popularity of gaming packages 406 within a gaming floor or area, a geographic region, and/or any other locality that may enable gaming machine 100 to function as described herein, and gaming operating system 404 may rank or may order the gaming packages 406 accordingly.

In another embodiment, authentication module 412 may authenticate gaming package 406 and may include the game that was last played by the player or the last game that was played on gaming machine 100 by any player. In other embodiments, authentication module 412 may authenticate gaming packages 406 according to player preferences (stored within gaming machine 100 and/or received from player tracking server 206 or another remote server or device), according to the game or gaming package 406 most recently installed within gaming machine 100, and/or according to any other predetermined, configurable, or selectable criteria.

In the exemplary embodiment, the authentication of gaming packages 406 may be player selectable and/or player overridable. Additionally or alternatively, the authentication of gaming packages 406 may be selectable and/or overridable by a remote device, such as a server. For example, authentication module 412 may begin authenticating a first gaming package 406 as part of a predetermined authentication sequence, and a player may input a selection to play an unauthenticated game, and/or an input from a remote device may be received concurrently with the authentication of first gaming package 406. In such an embodiment, the unauthenticated game may be indicated as unavailable, for example, by displaying the title of the game with a reduced opacity and/or using a reduced color palette (e.g., in a “grayed out” manner), and/or a message may be displayed to the player indicating that the game will begin after a delay. Authentication module 412 may stop authenticating the first gaming package 406 and may depart from the predetermined authentication sequence and may authenticate the selected gaming package 406. After the selected gaming package 406 has been authenticated, authentication module 412 may resume the prior authentication sequence by authenticating first gaming package 406.

In one embodiment, authentication module 412 may prioritize the selected gaming package 406 above the next identified gaming package in the sequence (i.e., above a second gaming package 406). Accordingly, the selected gaming package 406 may be authenticated after (or concurrently or in parallel with) first gaming package 406 and before second gaming package 406. After the selected gaming package 406 has been authenticated, authentication module 412 may resume authenticating gaming packages 406 (including second gaming package 406) according to the predetermined authentication sequence.

Moreover, in the exemplary embodiment, a plurality of gaming packages 406 may be authenticated in parallel. For example, processor 104 may include a plurality of execution units, or cores, and/or may be multi-threaded such that a plurality of instructions may be executed concurrently. In such an example, processor 104 may authenticate (using authentication module 412) a first gaming package 406 using a first core or thread, and may authenticate additional gaming packages 406 using additional cores or threads. Moreover, in the exemplary embodiment, authentication module 412 may authenticate executable files and non-executable files, such as graphic files, sound files, data files, and/or any other files within gaming packages 406.

In the exemplary embodiment, authentication module 412 may authenticate each certificate file 408 and each gaming package 406 by accessing certificate file 408 associated with gaming package 406. Authentication module 412 may decrypt file signature 418 to obtain the stored hash value of certificate file 408. Authentication module may calculate the hash value of certificate file 408 and may compare the calculated hash value to the stored hash value. If the calculated hash value equals the stored hash value, authentication module 412 may determine that certificate file 408 may be intact and unmodified (i.e., that certificate file 408 is “trusted”). If the calculated hash value does not equal the stored hash value, authentication module 412 may stop authenticating gaming package 406 and may generate an error message or indicator to an administrator, remote server, or another device or individual.

If authentication module 412 may determine that certificate file 408 may be authenticated or trusted, authentication module 412 may receive file data section 416 from certificate file 408. Authentication module 412 may calculate a hash value of the files identified in file data section 416 and compares the calculated hash value to the stored hash value of the files. If the calculated hash value equals the stored hash value of the files, authentication module 412 may determine that gaming package 406 may be unmodified or trusted. Authentication module 412 may then enable the authenticated gaming package 406 to be loaded and/or accessed by gaming operating system 404 and the player, and may identify gaming package 406 as being authenticated within the list stored in database 410. Moreover, authentication module 412 may continue authenticating other gaming package 406 that may be listed in database 410 as being unauthenticated. However, if the calculated hash value does not equal the stored hash value of the files, authentication module 412 may stop authenticating gaming package 406 and may generate an error message or indicator to an administrator, remote server, or another device or individual.

Accordingly, as described herein, gaming machine 100 and authentication system 300 may provide increased security during a bootup of machine 100 as compared to prior art gaming machines. Moreover, gaming machine 100 and authentication system 100 may increase player satisfaction by enabling gaming machine 100 to be accessible while gaming packages 406 may be in the process of being authenticated. If a player wants to play a game that has not yet been authenticated, authentication module 412 may prioritize the gaming package including the game above other gaming packages 406 in the authentication sequence. As such, authentication system 300 may enable gaming machine 100 to be more accessible to players while retaining and/or improving the security of gaming packages 406 and gaming machine 100.

FIG. 5 is a flowchart illustrating an exemplary method 500 that may authenticate a gaming machine, such as gaming machine 100 (shown in FIG. 1). In the exemplary embodiment, method 500 may be implemented by controller 102 (shown in FIG. 1). More specifically, method 500 may be embodied within a plurality of computer-executable instructions stored within memory area 106, and the instructions may be executed by processor 104 (both shown in FIG. 1) to perform the functions described herein.

In the exemplary embodiment, method 500 may include determining 502 a physical security of gaming machine 100. For example, physical security device 302 (shown in FIG. 3) may be used to detect if the cabinet of gaming machine 100 has been opened. If processor 104 and/or physical security device 302 determine 502 gaming machine 100 to be physically secured, processor 104 may authenticate 504 first bootup memory device 142 and instructions from first bootup memory device 142 may be executed. However, if processor 104 and/or physical security device 302 determine 502 gaming machine 100 to be physically insecure, a bootup sequence of gaming machine 100 may be halted.

After processor 104 may have authenticated 504 first bootup memory device 142, processor 104 and/or first bootup memory device 142 may authenticate 506 second bootup memory device 144 and instructions from second bootup memory device 144 may be executed. When processor 104 and/or first bootup memory device 142 may have authenticated 506 second bootup memory device 144, second bootup memory device 144 may authenticate 508 a first, or primary operating system 402 (shown in FIG. 4).

Primary operating system 402 may be executed and an authentication module 412 (shown in FIG. 4) may be launched or may be executed. Authentication module 412, in the exemplary embodiment, may authenticate 510 a second, or gaming operating system 404 (shown in FIG. 4). If authentication module 412 may authenticate 510 gaming operating system 404, gaming operating system 404 may receive or may enable 512 local user input and/or input from a remote device for gaming machine 100. More specifically, a player may be enabled to input commands and/or selections into gaming machine 100, for example, to select a game to play. Moreover, input from a remote device, such as game server 202 and/or configuration workstation 214 (both shown in FIG. 2) may be received or may be enabled, for example, to configure aspects of gaming machine 100. After authentication module 412 may have authenticated 510 gaming operating system 404 and after input from a user and/or a remote device may have been received or enabled 512, authentication module 412 dynamically or selectably may authenticate 514 a plurality of gaming packages 406 (shown in FIG. 4).

For example, gaming packages 406 may be authenticated 514 in a selectable or configurable sequence based on the popularity of the game presented by gaming package 406, based on local user input, based on data received by a remote device or server, based on the last time each gaming package 406 was accessed (i.e., authentication module 412 may authenticate the most recently used gaming package 406 first), based on player preferences or history, or based on any other criteria. Moreover, in the exemplary embodiment, the sequence of gaming packages 406 authenticated may be dynamically changed and/or overridden based on user input or input from a remote device, such as configuration workstation 214 and/or game server 202 (both shown in FIG. 2). If input from the local user or the remote device is not received, authentication module 412 may authenticate 514 gaming packages 406 according to a default, or predetermined sequence.

In one embodiment, one or more computer-readable storage media having computer-executable components may include a plurality of gaming packages that when executed by at least one processor cause the at least one processor to display a plurality of games to a player. The computer-readable storage media may also include an authentication module that when executed by the at least one processor causes the at least one processor to authenticate the plurality of gaming packages according to a predetermined sequence, and to depart from the predetermined sequence upon the receipt of at least one of a user input and an input from a remote device.

In one embodiment, the computer-readable storage media may also include a gaming operating system, wherein the authentication module causes the at least one processor to authenticate the gaming operating system. In addition, the computer-readable storage media may include a plurality of certificate files associated with the plurality of gaming packages, wherein the authentication module causes the at least one processor to use data included within the plurality of certificate files to authenticate the plurality of gaming packages. More specifically, the authentication module may cause the at least one processor to authenticate each certificate file associated with each gaming package, and authenticate each gaming package if the associated certificate file is authenticated.

In another embodiment, the computer-readable storage media may include a first certificate file associated with a first gaming package of the plurality of gaming packages. The first certificate file may include a file signature section including an encrypted hash value of the first certificate file. The authentication module may cause the at least one processor to decrypt the encrypted hash value to obtain an unencrypted hash value of the first certificate file, calculate a hash value of the first certificate file, and compare the calculated hash value of the first certificate file with the unencrypted hash value of the first certificate file for use in authenticating the first certificate file.

Moreover, the first certificate file may include a file data section including a hash value of the first gaming package. The authentication module may cause the at least one processor to calculate a hash value of the first gaming package and compare the calculated hash value to the hash value of the file data section for use in authenticating the first gaming package. The file data section may include a list of files within the first gaming package such that the authentication module causes the at least one processor to calculate a hash value of the files listed within the file data section and compare the calculated hash value to the hash value of the file data section for use in authenticating the first gaming package.

In another embodiment, an authentication system for use with a gaming machine may include at least one bootup memory device and a data storage device including at least one operating system and a plurality of gaming packages. The authentication system may also include a processor coupled to the at least one bootup memory device and the data storage device. The processor may be configured to authenticate the at least one bootup memory device, authenticate the at least one operating system, receive at least one of a local user input and an input from a remote device, and authenticate the plurality of gaming packages after receiving the at least one of the local user input and the input from the remote device.

The authentication may also include a physical security device configured to determine a physical security of the gaming machine. In addition, the at least one operating system may include a primary operating system and a gaming operating system. The at least one operating system may also include an authentication module such that the processor may be configured to authenticate the plurality of gaming packages by executing the authentication module and authenticating the plurality of gaming packages using the authentication module.

In one embodiment, the processor may be configured to authenticate the plurality of gaming packages by determining an authentication sequence for the plurality of gaming packages and departing from the determined authentication sequence in response to an input received by the gaming machine. In another embodiment, the processor may be configured to authenticate the plurality of gaming packages by authenticating a first gaming package of the plurality of gaming packages according to a determined authentication sequence. The determined authentication sequence may identify a second gaming package of the plurality of gaming packages to be authenticated after the first gaming package has been authenticated. The processor may be further configured to authenticate the plurality of gaming packages by receiving at least one of a local user input and an input from a remote device, and prioritizing an authentication of a third gaming package of the plurality of gaming packages over an authentication of the second gaming package. After the third gaming package has been authenticated, the processor may be further configured to return to the predetermined authentication sequence.

In another embodiment, the processor may be configured to authenticate the plurality of gaming packages in parallel. In yet another embodiment, the processor may be configured to authenticate the plurality of gaming packages concurrently with the receipt of at least one of the local user input and the input from the remote device. In a still further embodiment, a first gaming package of the plurality of gaming packages may include at least one non-executable file such that the processor may be configured to authenticate the at least one non-executable file.

The above-described embodiments may provide benefits to casinos, gaming machine manufacturers, and players alike. For example, using the present disclosure may enable casinos to gain increased security from the authentication process, and may increase player satisfaction by enabling gaming machines to be accessible while gaming packages are in the process of being authenticated. Gaming machine manufacturers may gain an ability to prevent unauthorized changes to gaming packages and operating systems installed within the gaming machines, thus maybe preventing the use of gaming machines in ways that were not intended by the manufacturer. In addition, players may benefit by being able to access the gaming machine quickly after a bootup of the machine, i.e., without having to wait for every gaming package within a gaming machine to be authenticated.

The above-described embodiments of the disclosure may be implemented using computer programming or engineering techniques that may include computer software, firmware, hardware or any combination or subset thereof, wherein the technical effect may authenticate gaming packages and/or other files of the gaming machine, and may enable the gaming package authentication sequence to be changed based on input from a user or remote device. Any such resulting program, having computer-readable code, may be embodied or may be provided within one or more computer-readable media, possibly making a computer program product, i.e., an article of manufacture, according to the discussed embodiments of the disclosure. The computer readable media may be, for example, but is not limited to, a fixed (hard) drive, diskette, optical disk, magnetic tape, semiconductor memory such as read-only memory “ROM,” and/or any transmitting/receiving medium such as the Internet or other communication network or link. The article of manufacture containing the computer code may be made and/or used by executing the code directly from one medium, by copying the code from one medium to another medium, or by transmitting the code over a network.

The term “processor,” as used herein, refers to central processing units, microprocessors, microcontrollers, reduced instruction set circuits “RISC,” application specific integrated circuits “ASIC,” logic circuits, and any other circuit or processor capable of executing the functions described herein.

As used herein, the terms “software” and “firmware” are interchangeable, and may include any computer program stored in memory for execution by processor 104, and may include RAM memory, ROM memory, EPROM memory, EEPROM memory, and non-volatile RAM “NVRAM” memory. The above memory types may be exemplary only, and thus may not be limiting as to the types of memory usable for storage of a computer program.

A computer or controller, such as those described herein, may include at least one processor or processing unit and a system memory. The computer or controller typically may have at least some form of computer readable media. By way of example and not limitation, computer readable media may include computer storage media and communication media. Computer storage media may include volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules, or other data. Communication media may embody computer readable instructions, data structures, program modules, or other data in a modulated data signal such as a carrier wave or other transport mechanism and may include any information delivery media. The modulated data signal may have one or more of its characteristics set or changed in such a manner as to encode information in the signal. Combinations of any of the above may also included within the scope of computer readable media.

Although the present disclosure is described in connection with an exemplary gaming system environment, embodiments of the disclosure may be operational with numerous other general purpose or special purpose gaming system environments or configurations. The gaming system environment is not intended to suggest any limitation as to the scope of use or functionality of any aspect of the disclosure. Moreover, the gaming system environment should not be interpreted as having any dependency or requirement relating to any one or combination of components illustrated in the exemplary operating environment. Examples of gaming systems, environments, and/or configurations that may be suitable for use with aspects of the disclosure include, but are not limited to, personal computers, server computers, hand-held or laptop devices, multiprocessor systems, microprocessor-based systems, set top boxes, programmable consumer electronics, mobile telephones, network PCs, minicomputers, mainframe computers, distributed computing environments that include any of the above systems or devices, and the like.

Embodiments of the disclosure may be described in the general context of computer-executable instructions, such as program components or modules, executed by one or more computers or other devices. Aspects of the disclosure may be implemented with any number and organization of components or modules. For example, aspects of the disclosure are not limited to the specific computer-executable instructions or the specific components or modules illustrated in the figures and described herein. Alternative embodiments of the disclosure may include different computer-executable instructions or components having more or less functionality than illustrated and described herein.

The order of execution or performance of the operations in the embodiments of the disclosure illustrated and described herein is not essential, unless otherwise specified. That is, the operations may be performed in any order, unless otherwise specified, and embodiments of the disclosure may include additional or fewer operations than those disclosed herein. For example, it is contemplated that executing or performing a particular operation before, contemporaneously with, or after another operation is within the scope of aspects of the disclosure.

This written description uses examples to disclose the disclosure, including the best mode, and also to enable any person skilled in the art to practice the disclosure, including making and using any devices or systems and performing any incorporated methods. The patentable scope of the disclosure is defined by the claims, and may include other examples that occur to those skilled in the art. Such other examples may be intended to be within the scope of the claims if they have structural elements that do not differ from the literal language of the claims, or if they include equivalent structural elements with insubstantial differences from the literal language of the claims. 

1. A gaming machine comprising: a memory area comprising: at least one bootup memory device; and at least one data storage device comprising at least one operating system and a plurality of gaming packages; a display device configured to display at least one game selected from the plurality of gaming packages; and a processor coupled to the memory area and to the display device, the processor configured to: authenticate the at least one bootup memory device; authenticate the at least one operating system; determine an authentication sequence for the plurality of gaming packages; and authenticate the plurality of gaming packages in a sequence different from the determined authentication sequence.
 2. The gaming machine according to claim 1, further comprising a physical security device configured to determine a physical security of the gaming machine.
 3. The gaming machine according to claim 1, wherein the at least one operating system comprises a primary operating system and a gaming operating system.
 4. The gaming machine according to claim 1, wherein the at least one operating system comprises an authentication module, the processor is configured to authenticate the plurality of gaming packages by: executing the authentication module; and authenticating the plurality of gaming packages using the authentication module.
 5. The gaming machine according to claim 1, wherein the processor is further configured to authenticate the plurality of gaming packages by departing from the determined authentication sequence in response to an input received by the gaming machine.
 6. The gaming machine according to claim 1, wherein the processor is further configured to authenticate the plurality of gaming packages by: authenticating a first gaming package of the plurality of gaming packages according to the determined authentication sequence, wherein the determined authentication sequence identifies a second gaming package of the plurality of gaming packages to be authenticated after the first gaming package has been authenticated; receiving at least one of a local user input and an input from a remote device; and prioritizing an authentication of a third gaming package of the plurality of gaming packages over an authentication of the second gaming package.
 7. The gaming machine according to claim 6, wherein the processor is further configured to return to the determined authentication sequence after authenticating the third gaming package.
 8. The gaming machine according to claim 1, wherein the processor is further configured to authenticate the plurality of gaming packages in parallel.
 9. The gaming machine according to claim 1, wherein the processor is further configured to authenticate the plurality of gaming packages concurrently with a receipt of at least one of a local user input and an input from a remote device.
 10. The gaming machine according to claim 1, wherein a first gaming package of the plurality of gaming packages comprises at least one non-executable file, the processor is further configured to authenticate the at least one non-executable file.
 11. A method of authenticating gaming machine content, the method comprising: authenticating at least one bootup memory device of the gaming machine; authenticating at least one operating system of the gaming machine; receiving at least one of a local user input to the gaming machine and an input to the gaming machine from a remote device; and authenticating a plurality of gaming packages after receiving the at least one of the local user input and the input from the remote device.
 12. The method according to claim 11, further comprising determining a physical security of the gaming machine.
 13. The method according to claim 11, wherein the authenticating of the at least one operating system further comprises authenticating a primary operating system and a gaming operating system.
 14. The method according to claim 11, wherein the authenticating of the plurality of gaming packages further comprises: executing an authentication module of the at least one operating system; and authenticating the plurality of gaming packages using the authentication module.
 15. The method according to claim 11, wherein the authenticating of the plurality of gaming packages comprises: determining an authentication sequence for the plurality of gaming packages; and departing from the determined authentication sequence in response to an input received by the gaming machine.
 16. The method according to claim 11, wherein the authenticating of the plurality of gaming packages comprises: authenticating a first gaming package of the plurality of gaming packages according to a determined authentication sequence, wherein the authentication sequence identifies a second gaming package of the plurality of gaming packages to be authenticated after the first gaming package has been authenticated; receiving at least one of the local user input and the input from the remote device; and prioritizing an authentication of a third gaming package of the plurality of gaming packages over an authentication of the second gaming package.
 17. The method according to claim 16, further comprising returning to the determined authentication sequence after authenticating the third gaming package.
 18. The method according to claim 11, wherein the authenticating of the plurality of gaming packages further comprises authenticating a plurality of gaming packages in parallel.
 19. The method according to claim 11, wherein the authenticating of the plurality of gaming packages further comprises authenticating a plurality of gaming packages concurrently with receiving at least one of the local user input and the input from the remote device.
 20. The method according to claim 11, wherein a first gaming package of the plurality of gaming packages includes at least one non-executable file, the authenticating of the plurality of gaming packages further comprises authenticating the at least one non-executable file within the first gaming package. 